Cybersecurity Engineer

Overview/ Job Responsibilities

Supporting the United States Coast Guard (USCG) Software Factory Implementation & Sustainment CG-6 Command, Control, Communications, Computers, Cyber and Intelligence (C5I), this is a key funded position as part of a strong Agile/DevSecOps team supporting requirements remotely out of the Washington D.C. area.

The Cybersecurity Engineer primary responsibilities include:

• Plans, develops, and implements proven high-tech solutions in alignment with Zero Trust requirements to increase security and defend against hacking, malware and ransomware, insider threats, and other types of cybercrimes. Keeps abreast of industry security trends and developments, as well as applicable government regulations.
• Oversees monitoring of computer networks, identifies security issues, and anticipates security breaches. Executes the installation and maintenance of security programs, plans, and software, including firewalls and data encryption programs.
• Assures protection of the organization's data and infrastructure by enabling the appropriate security controls. Investigates, analyzes and documents security breaches and cyber security incidents to determine the source of the issues, and assesses the damaged caused.
• Performs assessments and penetration tests to identify network and system vulnerabilities, troubleshoots security and network problems, determines the best way to avoid them, and responds to system or network security breaches.
• Provide automated and manual validations of Information Assurance Controls (IACs) and Validation Procedures (VPs) in accordance with the DoD Guidelines, CNSSI 1253 and/or NIST 800-Publications.
• Coordinate with system owners and development teams concerning RMF process and solutions.
• Produce documentation about IA Controls for application development teams, support and provide guidance on IA Control mitigation.
• Produce security briefs and reports for delivery to stakeholders and senior management.
• Review cloud, commercial, and government system cybersecurity implementation, document/assess results, and provide a recommendation concerning risk and authority to operate. 

Minimum Qualifications

• US Citizenship Required.
• Holds interim secret clearance OR Active DoD Secret Clearance.
• 3 years of relevant cyber security experience.
• Bachelor’s degree in Computer Science, Computer Information Systems, Cyber Security, Engineering, Information Assurance, Information Management, Information Systems, Information Security, or Information Technology.
• Experience providing cybersecurity support for the Department of the Navy. 
• Minimum three (3) years of experience in providing cybersecurity support in the areas of security compliance, system monitoring, enabling security controls, performing assessments and penetration testing, risk assessments and audits, creating security documentation, investigating, analyzing, and documenting security breaches and cyber security incidents, and keeping abreast of industry security trends and developments, as well as applicable government regulations.
• Experience using and configuring cyber tools supporting areas of Vulnerability Assessment, SIEM/SOAR, Network Defense, Incident Response, Threat Intelligence.
• Understanding of securing containerized applications/systems.
• Understanding of Zero Trust Architectures and requirements (NIST 800-207), specifically any relevant experience modernizing programs or organizations towards compliance.
• Experience performing in an Information Assurance or Cyber Security capacity working with DevSecOps engineers within cloud environments (AWS, Azure, PCF or similar).  
• Must have experience with DoD-specific (Department of Defense) Information Assurance protocols, policies, & procedures.
• Experience presenting to clients or management to present technical and non-technical information to allow key personnel to make informed decisions.

Desired Qualifications

• Experience using eMASS, STIGViewer, eMASSTer and other DoD approved tools (ACAS, SCAP-compliant scanners, etc.).
• Possess experience leading RMF (Risk Management Framework) and NIST compliance to ATO (Authority to Operate) processes on both IA systems in Development and Production.
• Experience with USMC Risk Management Framework (RMF) – Marine Corps Certification and Accreditation Support Tool (MCCAST) and USN Risk Management Framework (RMF) – Enterprise Mission Assurance Support System (eMASS).
• Understanding of RAISE 2.0 cybersecurity processes. 
• Understanding of Federal Information System Controls Audit Manual (FISCAM) methodology, control activities, techniques, and execution in support of audit readiness.
• High-level knowledge of DevSecOps and cloud (AWS or similar) within a DoD environment.
• Experience with Continuous-ATO.
• Understanding of cyber defensive architecture and technologies required to protect, detect, and respond to cyber threats.

About Sev1Tech LLC

Founded in 2010, Sev1Tech provides IT, engineering, and program management solutions delivery. Sev1Tech focuses on providing program and IT support services to critical missions across Federal and Commercial Clients. Our Mission is to Build better companies.  Enable better government. Protect our nation. Build better humans across the country.

Join the Sev1Tech family where you can achieve great accomplishments while fostering a satisfying and rewarding career progression.  Please apply directly through the website at: https://careers-sev1tech.icims.com/   #joinSev1tech

For any additional questions or to submit any referrals, please contact: marcus.taylor@sev1tech.com

Sev1Tech is an Equal Opportunity and Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status.